<?php
class AclAuthComponent extends Object {
	var $name = 'AclAuth' ;
	var $components = array ( 'Acl' , 'Session' ) ;
	var $loginRedirect = '/' ;
	var $loginAction = '/login' ;
	
	var $user = null ;
	var $aro = 'Public' ; // public aro (public group)	var $aco = 'ROOT' ;
	var $controller = true ;
	var $allow = array ( 'users/login' , 'init_acl/setupAcl' ) ; // leidziame tam tikras funkcijas, net jeigu jos duombazej uzdraustos	var $acoAlias = null ;
	function startup ( &$controller ) {
		$this->controller = &$controller ;
		if (! isset ( $this->Acl->Aro )) {
			loadModel ( 'Aro' ) ;
			loadModel ( 'Aco' ) ;
			$this->Acl->Aro = new Aro ( ) ; // Temporary			$this->Acl->Aco = new Aco ( ) ; // Temporary		}
		
		$this->controller->user = $this->user ( $this->Session->read ( "Auth.user.username" ) ) ;
		
		$aro = $this->getAro () ;
		$aco = $this->getAco () ;
		
		if (! in_array ( $this->acoAlias, $this->allow )) {
			if ($this->checkAuth ( $aro, $aco ) == true) {
				$this->allow () ;
			} else {
				$this->deny () ;
			}
		} else {
			$this->allow () ;
		}
		$this->controller->set ( "user", $this->controller->user ) ;
	
	}
	function allow () {
		return true ;
	}
	function deny () {
		$this->controller->redirect ( $this->loginAction ) ;
	}
	function checkAuth ( $aro = null , $aco = null , $action = null ) {
		$action = $action ? $action : '*' ;
		
		if (! $aro) {
			$aro = $this->getAro () ;
		}
		$aco = $this->getAco ( $aco ) ;
		$access = $this->Acl->check ( $aro, $aco, $action ) ;
		
		if ($access === true) {
			return true ;
		}
		return false ;
	
	}
	
	function getAro () {
		if ($this->controller->user) {
			$aro = $this->controller->user [ "User" ] [ "username" ] ;
		}
		if (isset ( $aro )) {
			if ($this->Acl->Aro->find ( 'alias = \'' . $aro . '\'', null, null, - 1 )) {
				$this->aro = $aro ;
			}
		}
		return $this->aro ;
	}
	
	function getAco ( $acoAlias = null , $root = null ) {
		$sep = '/' ;
		if (! $root)
			$root = $this->aco ;
		if (! $acoAlias) {
			if (method_exists ( $this->controller, '_getAcoAlias' )) {
				$acoAlias = $this->controller->_getAcoAlias () ;
			} else {
				$action = $this->controller->action ;
				$acoAlias = '' ;
				
				$acoAlias .= Inflector::underscore ( $this->controller->name ) . $sep . $action ;
				
				for ( $i = 0 ; $i < count ( $this->controller->params [ "pass" ] ) ; $i ++ ) {
					$acoAlias .= $sep . $this->controller->params [ "pass" ] [ $i ] ;
				}
			
			}
		}
		$this->acoAlias = $acoAlias ;
		return $acoAlias ;
	}
	
	function user ( $username = null ) {
		if ($username && isset ( $this->controller->User )) {
			$result = $this->controller->User->findByUsername ( $username ) ;
			unset ( $result [ "User" ] [ "password" ] ) ;
			
			return $result ;
		}
		return null ;
	}
	
	function __getAliasList ( $acoAlias , $root = 'ROOT' ) {
		$sep = '/' ;
		$results [] = $acoAlias ;
		$array = explode ( $sep, $acoAlias ) ;
		for ( $i = 1 ; $i <= count ( $array ) + 1 ; $i ++ ) {
			array_pop ( $array ) ;
			$results [] = implode ( $sep, $array ) ;
		}
		$results [] = $root ;
		return $results ;
	}
}
?>